A method and systems for routing packets from a gateway to an endpoint

Gateway and packet technology, applied in the field of methods and systems for routing packets from a gateway to an endpoint, can solve the problems of increasing network-level latency, a security risk resulting from implementation of conventional methods, and the kernel layer typically lacking the ability to increase security.

Active Publication Date: 2006-02-09
CITRIX SYST INC

AI Technical Summary

Benefits of technology

[0010] In one embodiment, the receiver comprises a driver in compliance with NDIS. In another embodiment, the receiver is a process executing in kernel mode. In still another embodiment, the receiver forwards the intercepted packet to the policy engine. In one embodiment, the policy engine executes in user

Problems solved by technology

Typically, implementing these architectures provides a user of an endpoint with maximum functionality, at the cost of security to a private network and protected resources behind the gateway.
One security risk resulting from implementation of conventional methods is a consequence of the typical requirement for modifying a routing table on the endpoint to reflect connectivity to the private network behind the VPN gateway.
However, the kernel layer typically lacks the ability to increase security by accessing information regarding which applications generated network packets and applying security policies to packets based on


Embodiment Construction

[0025] Referring now to FIG. 1, a block diagram of a system is shown in which client computing devices 110 access a gateway computing device 120 over a first network 150. In some embodiments, the client computing devices 110 access the gateway computing device 120 through a firewall 130, shown in phantom view. In turn, the gateway computing device 120 communicates with target computing devices 140 over a second network 180. Although FIG. 1 shows only one gateway computing device 120 and one type of each of the client computing devices 110 and target computing devices 140, it should be understood that any number of those devices may be present.

[0026] As shown in FIG. 1, a client computing device 110 may include a personal computer 112, a computing kiosk 114, a personal digital assistant (PDA) 116 or cell phone 118. In some embodiments, a computing kiosk 114 is a personal computer that had been configured to allow access by multiple users, typically in a public location and usually fo...


Abstract

A method for routing packets from a gateway to an endpoint includes the step of associating a private internet protocol (IP) address with an endpoint having a public IP address. A packet addressed to the private IP address of the endpoint is captured. A policy is applied to the packet. The packet is transmitted to the public IP address of the endpoint, responsive to the application of the policy to the packet.
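The four steps of the abstract (associate, capture, apply policy, transmit) can be modelled as follows. This is an added example, not code from the patent or from Citrix; the `Gateway`, `Rule` and `Packet` names, the first-match rule format with default deny, and all addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:               # hypothetical policy format (assumption)
    src_net: str          # CIDR the packet source must fall in
    proto: str
    dport: int
    allow: bool

class Gateway:
    def __init__(self, rules):
        self.rules = list(rules)
        self.assoc = {}   # private IP -> public IP of the endpoint

    def associate(self, private_ip, public_ip):
        # Step 1: bind a private address to an endpoint's public address.
        self.assoc[ipaddress.ip_address(private_ip)] = ipaddress.ip_address(public_ip)

    def policy_allows(self, pkt):
        # Step 3: first matching rule wins; no match means deny.
        src = ipaddress.ip_address(pkt.src)
        for r in self.rules:
            if (src in ipaddress.ip_network(r.src_net)
                    and r.proto == pkt.proto and r.dport == pkt.dport):
                return r.allow
        return False

    def route(self, pkt):
        # Step 2: capture only packets addressed to an associated private IP.
        public_ip = self.assoc.get(ipaddress.ip_address(pkt.dst))
        if public_ip is None:
            return ("drop", "no association")
        if not self.policy_allows(pkt):
            return ("drop", "policy")
        # Step 4: transmit to the endpoint's public IP.
        return ("forward", str(public_ip))

def demo():
    # Constructed sample data: 203.0.113.7 is a documentation address.
    gw = Gateway([Rule("10.1.0.0/16", "tcp", 22, False),
                  Rule("10.0.0.0/8", "tcp", 443, True)])
    gw.associate("10.200.0.5", "203.0.113.7")
    return [gw.route(Packet("10.1.2.3", "10.200.0.5", "tcp", 443)),
            gw.route(Packet("10.1.2.3", "10.200.0.5", "tcp", 22)),
            gw.route(Packet("10.1.2.3", "10.200.0.9", "tcp", 443)),
            gw.route(Packet("192.0.2.1", "10.200.0.5", "tcp", 443))]
```

The forwarding decision depends on the policy result, so a packet for a known endpoint is still dropped when no rule permits it.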

Description

RELATED APPLICATIONS

[0001] This present application claims priority to U.S. Provisional Patent Application No. 60/590,837, entitled “Ad Hoc Distributed Networks And Remote Access Architecture,” filed Jul. 23, 2004, and U.S. Provisional Patent Application No. 60/601,431, entitled “System And Method For Assuring Redundancy In Remote Access Solutions,” filed Aug. 13, 2004, and U.S. Provisional Patent Application No. 60/607,420, entitled “Virtual Network Bridging”, filed Sep. 3, 2004, and U.S. Provisional Patent Application No. 60/634,379, entitled “Securing Access to Private Networks from End Points Based on Encryption and Authentication Technology Built into the USB or Other Peripheral Devices Without the Need for Additional Software on the Host Operating System”, filed Dec. 7, 2004, all of which are incorporated herein by reference.

FIELD OF THE INVENTION

[0002] The present invention relates to a method and systems for securing routing packets and, in particular, to a method and syst...


Application Information

IPC(8): H04L12/56, H04L47/20
CPC: H04L12/2856, H04L45/72, H04L29/12009, H04L29/12367, H04L29/12481, H04L45/00, H04L47/20, H04L61/2514, H04L61/2557, H04L63/0227, H04L63/0272, H04L63/101, H04L63/164, H04L63/166, H04L63/20, H04L12/2898, H04L61/00, H04L9/00, H04L12/66, H04L12/28
Inventor: RAO, GOUTHAM P.; RODRIGUEZ, ROBERT A.; BRUEGGEMANN, ERIC R.
Owner CITRIX SYST INC